Smishing and vulnerabilities found in WordPress websites: Report

Bad actors use smishing messages to trick victims into disclosing personal information such as passwords, identities, and financial information.

Plugin flaw leaves up to 200,000 WordPress sites at risk of attack

A popular WordPress theme plugin that’s installed on some 200,000 websites has been found to contain a serious vulnerability that, if abused, could allow remote attackers to wipe the sites and gain admin access to them.